The cybersecurity skills shortage is nothing new—I’ve been writing about it for years, as have other analysts and researchers. I’ve also done countless presentations on this topic.
I keep writing about the cybersecurity skills shortage for one consistent and troubling reason: It ain’t getting any better. Here’s a few data points to back up this claim:
• As part of ESG’s annual IT spending intentions research, we asked respondents (i.e. about 600 IT and cybersecurity professionals in North America, EMEA and the Asia Pacific region) to identify the different IT areas where their organization has a “problematic shortage” of skills. Cybersecurity has been identified as the #1 “problematic shortage” area across all of IT for the past six years in a row.
• In 2017, 45% of organizations say they have a “problematic shortage” of cybersecurity skills. This is right in line with 2016 (46%), but these last two years represented a big increase. In 2015, 28% of organizations said they had a “problematic shortage” of cybersecurity skills, 25% in 2014, 23% in 2013, and 24 percent in 2012. The increase over the past two years has me especially concerned.